A Trust Evaluation Model Based On Cloud User Behavior

In recent years, cloud computing is accepted by public with its low cost and high quality services. However, driven by interests, the cloud platforms become the hackers’ main target. Such security problem of cloud computing result from hackers’ attack is becoming the key factor that hinder it’s further development. Methods such as simple access control and permission assignment have been unable to meet the requirements on safety of cloud computing, a identity of cloud user that has been already certified by cloud platform can’t ensure that the user won’t damage the cloud resources. For enhancing cloud stability and security, user behavior has to be supervised and managed. This paper proposes a trust evaluation model based on cloud user behaviors.The main work includes the following aspects:(1) By analyzing the hierarchical relation of the behavior-evidence and internal relation of the behavior-evidence in the same level. To evaluate the cloud user behaviors evidence based on cloud user behavior authentication model of multi-partite-graph and together with the analytic network process which is more applicable to modeling the behavior evidence. Put the interrelation of the behavior evidence into use in the process of evaluation, build the multi-partite-graph model by the new evaluation value.(2) According to the structural features of the multi-partite-graph, add optimal path and conservative path of cloud user behavior to original basis as reference standard of measuring the cloud users conduct. Use the weighted-gap and weighted-advantage to show the degree of specification of the cloud user behavior which provide data support for the trust evaluation.(3) Take the advantage of the defense mechanism by using the value of advantage and weighted-advantage in the multi-partite graph together with the penalty factor to enhance the detection rate of malicious users. Meet the principles such as rewarding good-behavior users based on the trust value update policy needs, punishing malicious-behavior users, trust value increase-slow and decrease-fast and so on. Works out the two maintenance strategy including the trust value time-attenuation strategy and the trust value increase-decrease strategy with the factor of reward and penalty.